rhba-2024_0928
Vulnerability from csaf_redhat
Published
2024-02-20 15:58
Modified
2024-11-13 23:24
Summary
Red Hat Bug Fix Advisory: MTV 2.5.5 Images
Notes
Topic
Updated Release packages that fix several bugs and add various enhancements are now available.
Details
Migration Toolkit for Virtualization 2.5.5 Images
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Release packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Virtualization 2.5.5 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2024:0928",
"url": "https://access.redhat.com/errata/RHBA-2024:0928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhba-2024_0928.json"
}
],
"title": "Red Hat Bug Fix Advisory: MTV 2.5.5 Images",
"tracking": {
"current_release_date": "2024-11-13T23:24:55+00:00",
"generator": {
"date": "2024-11-13T23:24:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHBA-2024:0928",
"initial_release_date": "2024-02-20T15:58:35+00:00",
"revision_history": [
{
"date": "2024-02-20T15:58:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-20T15:58:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T23:24:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el9"
}
}
},
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"product_id": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-api-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64",
"product_id": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-console-plugin-rhel9\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"product_id": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-controller-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-api-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-rhel8\u0026tag=2.5.5-7"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"product_id": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-openstack-populator-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"product_id": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-operator-bundle\u0026tag=2.5.5-16"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhel8-operator\u0026tag=2.5.5-8"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"product_id": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-ova-provider-server-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"product_id": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-populator-controller-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhv-populator-rhel8\u0026tag=2.5.5-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"product_id": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-validation-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-rhel9\u0026tag=2.5.5-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8\u0026tag=2.5.5-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26159",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256413"
}
],
"notes": [
{
"category": "description",
"text": "An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "follow-redirects is a transitive dependency of Grafana, and does not affect Red Hat Enterprise Linux 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26159"
},
{
"category": "external",
"summary": "RHBZ#2256413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159"
}
],
"release_date": "2024-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T15:58:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0928"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()"
},
{
"cve": "CVE-2024-21484",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2024-01-22T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259531"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsrsasign, which is vulnerable to an observable discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. This flaw allows an attacker to decrypt ciphertexts. Exploiting this vulnerability requires the attacker to have access to a large number of ciphertexts encrypted with the same key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsrsasign: vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:b47c3890048aacb3871c5881f4c322d0c31327dcd7f2ecc56a756222d5c1b430_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:a3c7f322ad9ea6bab636f23ec9b5251a0d0c60db00435f7f3bc9e5f27bd12b72_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:feaa4bffc2f342ac9bf9b49f134438a696195a5fce68bb87a9758093f4afc0a1_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:a09314b93d4af7f7b1d9ab382ac45114cedb08ffd9b6877a75a2c6008613c08c_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:524cf3280bd8b6676c29514cac57b9549389c14352e6f415532df038779b2c05_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:9e9e2eaee0ffd333a15412cdb7895bcaa939e20c63ba0d6af5e6ab14e14b0457_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:322bef90e555a242f22c79fee8972a7c64a885f660023363066bf9841bcd3f31_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:39723ec6f8e81abb29c8900ace04b52756b946ed4a5dc1539435ddc1fa4d3ad0_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:c03299e6aa376300d385acbb1b4c3cef9ebc7d5f2404203a18197f7b0f05738e_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:da5195884a542857fc3b9e05311027eca03a5f3aa17b862c9aee3ff5ae2bbcb6_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:b377ea42b5cb2283254377e9ea6aa9f25830d545f253d49ffd7390e818e33a64_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:dfaafdce49acf64589b22235d9c1b61612be90b524e2902d1f5c804556234f4d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:2585c8921693fba30e29aea73473ae1c9b373ba9ad945b901a99ca1bec54264f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21484"
},
{
"category": "external",
"summary": "RHBZ#2259531",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259531"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21484"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21484",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21484"
},
{
"category": "external",
"summary": "https://github.com/kjur/jsrsasign/issues/598",
"url": "https://github.com/kjur/jsrsasign/issues/598"
},
{
"category": "external",
"summary": "https://github.com/kjur/jsrsasign/releases/tag/11.0.0",
"url": "https://github.com/kjur/jsrsasign/releases/tag/11.0.0"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6070734",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6070734"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBKJUR-6070733",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBKJUR-6070733"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6070732",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6070732"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-6070731",
"url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-6070731"
}
],
"release_date": "2024-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T15:58:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:2604c818e10633bf09d22f7018ce1d192099a9986704b5a883278d8cc48b4635_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsrsasign: vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.