rhea-2022_1596
Vulnerability from csaf_redhat
Published
2022-04-26 16:51
Modified
2024-11-05 16:10
Summary
Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images
Notes
Topic
Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.9.4 images:
RHEL-8-CNV-4.9
==============
hyperconverged-cluster-webhook-container-v4.9.4-5
hyperconverged-cluster-operator-container-v4.9.4-5
kubevirt-template-validator-container-v4.9.4-5
virtio-win-container-v4.9.4-5
vm-import-operator-container-v4.9.4-5
virt-cdi-operator-container-v4.9.4-7
node-maintenance-operator-container-v4.9.4-5
hostpath-provisioner-container-v4.9.4-5
vm-import-controller-container-v4.9.4-5
cnv-containernetworking-plugins-container-v4.9.4-5
ovs-cni-marker-container-v4.9.4-5
kubevirt-vmware-container-v4.9.4-6
kubernetes-nmstate-handler-container-v4.9.4-7
kubevirt-ssp-operator-container-v4.9.4-5
ovs-cni-plugin-container-v4.9.4-5
vm-import-virtv2v-container-v4.9.4-5
kubevirt-v2v-conversion-container-v4.9.4-5
virt-cdi-cloner-container-v4.9.4-7
bridge-marker-container-v4.9.4-5
hostpath-provisioner-operator-container-v4.9.4-5
kubemacpool-container-v4.9.4-5
virt-cdi-uploadproxy-container-v4.9.4-7
virt-cdi-controller-container-v4.9.4-7
virt-cdi-uploadserver-container-v4.9.4-7
virt-cdi-apiserver-container-v4.9.4-7
cluster-network-addons-operator-container-v4.9.4-7
virt-cdi-importer-container-v4.9.4-7
virt-controller-container-v4.9.4-7
virt-handler-container-v4.9.4-7
virt-api-container-v4.9.4-7
virt-artifacts-server-container-v4.9.4-7
virt-operator-container-v4.9.4-7
virt-launcher-container-v4.9.4-7
libguestfs-tools-container-v4.9.4-7
cnv-must-gather-container-v4.9.4-11
hco-bundle-registry-container-v4.9.4-58
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.9.4 images:\n\nRHEL-8-CNV-4.9\n==============\nhyperconverged-cluster-webhook-container-v4.9.4-5\nhyperconverged-cluster-operator-container-v4.9.4-5\nkubevirt-template-validator-container-v4.9.4-5\nvirtio-win-container-v4.9.4-5\nvm-import-operator-container-v4.9.4-5\nvirt-cdi-operator-container-v4.9.4-7\nnode-maintenance-operator-container-v4.9.4-5\nhostpath-provisioner-container-v4.9.4-5\nvm-import-controller-container-v4.9.4-5\ncnv-containernetworking-plugins-container-v4.9.4-5\novs-cni-marker-container-v4.9.4-5\nkubevirt-vmware-container-v4.9.4-6\nkubernetes-nmstate-handler-container-v4.9.4-7\nkubevirt-ssp-operator-container-v4.9.4-5\novs-cni-plugin-container-v4.9.4-5\nvm-import-virtv2v-container-v4.9.4-5\nkubevirt-v2v-conversion-container-v4.9.4-5\nvirt-cdi-cloner-container-v4.9.4-7\nbridge-marker-container-v4.9.4-5\nhostpath-provisioner-operator-container-v4.9.4-5\nkubemacpool-container-v4.9.4-5\nvirt-cdi-uploadproxy-container-v4.9.4-7\nvirt-cdi-controller-container-v4.9.4-7\nvirt-cdi-uploadserver-container-v4.9.4-7\nvirt-cdi-apiserver-container-v4.9.4-7\ncluster-network-addons-operator-container-v4.9.4-7\nvirt-cdi-importer-container-v4.9.4-7\nvirt-controller-container-v4.9.4-7\nvirt-handler-container-v4.9.4-7\nvirt-api-container-v4.9.4-7\nvirt-artifacts-server-container-v4.9.4-7\nvirt-operator-container-v4.9.4-7\nvirt-launcher-container-v4.9.4-7\nlibguestfs-tools-container-v4.9.4-7\ncnv-must-gather-container-v4.9.4-11\nhco-bundle-registry-container-v4.9.4-58",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2022:1596",
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "external",
"summary": "2049800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049800"
},
{
"category": "external",
"summary": "2055546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055546"
},
{
"category": "external",
"summary": "2055786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055786"
},
{
"category": "external",
"summary": "2059111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059111"
},
{
"category": "external",
"summary": "2068147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068147"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhea-2022_1596.json"
}
],
"title": "Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images",
"tracking": {
"current_release_date": "2024-11-05T16:10:26+00:00",
"generator": {
"date": "2024-11-05T16:10:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHEA-2022:1596",
"initial_release_date": "2022-04-26T16:51:34+00:00",
"revision_history": [
{
"date": "2022-04-26T16:51:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-26T16:51:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T16:10:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.9 for RHEL 8",
"product": {
"name": "CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.9.4-11"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.9.4-58"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.9.4-6"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.9.4-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.