rhsa-2021_5086
Vulnerability from csaf_redhat
Published
2021-12-13 19:26
Modified
2024-11-15 10:42
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.9.0 enhancement, security, and bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.9.0 on Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Data Foundation is a highly scalable, production-grade persistent
storage for stateful applications running in the Red Hat OpenShift
Container Platform. In addition to persistent storage, Red Hat OpenShift
Data Foundation provisions a multicloud data management service with an S3
compatible API.
Security Fix(es):
* kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9 (CVE-2020-8565)
* nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite (CVE-2021-32803)
* nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite (CVE-2021-32804)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
* nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information refer to the CVE
page(s) listed in the References section.
These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.9/html/4.9_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to
these updated images, which provide numerous bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.9.0 on Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated\nwith and optimized for the Red Hat OpenShift Container Platform. Red Hat\nOpenShift Data Foundation is a highly scalable, production-grade persistent\nstorage for stateful applications running in the Red Hat OpenShift\nContainer Platform. In addition to persistent storage, Red Hat OpenShift\nData Foundation provisions a multicloud data management service with an S3\ncompatible API.\n\nSecurity Fix(es):\n\n* kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel \u003e= 9 (CVE-2020-8565)\n\n* nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite (CVE-2021-32803)\n\n* nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite (CVE-2021-32804)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\n* nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information refer to the CVE\npage(s) listed in the References section.\n\nThese updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.9/html/4.9_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to\nthese updated images, which provide numerous bug fixes and enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:5086",
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1810525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810525"
},
{
"category": "external",
"summary": "1853638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853638"
},
{
"category": "external",
"summary": "1886638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886638"
},
{
"category": "external",
"summary": "1890438",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890438"
},
{
"category": "external",
"summary": "1890978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890978"
},
{
"category": "external",
"summary": "1892709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892709"
},
{
"category": "external",
"summary": "1901954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901954"
},
{
"category": "external",
"summary": "1910790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1910790"
},
{
"category": "external",
"summary": "1927782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927782"
},
{
"category": "external",
"summary": "1929242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929242"
},
{
"category": "external",
"summary": "1932396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932396"
},
{
"category": "external",
"summary": "1934625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934625"
},
{
"category": "external",
"summary": "1956285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956285"
},
{
"category": "external",
"summary": "1959793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959793"
},
{
"category": "external",
"summary": "1964083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964083"
},
{
"category": "external",
"summary": "1965322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965322"
},
{
"category": "external",
"summary": "1968510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968510"
},
{
"category": "external",
"summary": "1968606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968606"
},
{
"category": "external",
"summary": "1969216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969216"
},
{
"category": "external",
"summary": "1973256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973256"
},
{
"category": "external",
"summary": "1975272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975272"
},
{
"category": "external",
"summary": "1975581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975581"
},
{
"category": "external",
"summary": "1979244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979244"
},
{
"category": "external",
"summary": "1979502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979502"
},
{
"category": "external",
"summary": "1980818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980818"
},
{
"category": "external",
"summary": "1981331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981331"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1983756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983756"
},
{
"category": "external",
"summary": "1984284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984284"
},
{
"category": "external",
"summary": "1984334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984334"
},
{
"category": "external",
"summary": "1984396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984396"
},
{
"category": "external",
"summary": "1984735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984735"
},
{
"category": "external",
"summary": "1985074",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985074"
},
{
"category": "external",
"summary": "1986444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986444"
},
{
"category": "external",
"summary": "1986794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986794"
},
{
"category": "external",
"summary": "1987806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987806"
},
{
"category": "external",
"summary": "1988518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1988518"
},
{
"category": "external",
"summary": "1989482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989482"
},
{
"category": "external",
"summary": "1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "1990230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990230"
},
{
"category": "external",
"summary": "1990409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990409"
},
{
"category": "external",
"summary": "1990415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990415"
},
{
"category": "external",
"summary": "1991822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991822"
},
{
"category": "external",
"summary": "1992472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992472"
},
{
"category": "external",
"summary": "1994261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994261"
},
{
"category": "external",
"summary": "1994577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994577"
},
{
"category": "external",
"summary": "1994584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994584"
},
{
"category": "external",
"summary": "1994602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994602"
},
{
"category": "external",
"summary": "1994606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994606"
},
{
"category": "external",
"summary": "1994687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994687"
},
{
"category": "external",
"summary": "1995009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995009"
},
{
"category": "external",
"summary": "1995056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995056"
},
{
"category": "external",
"summary": "1995271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995271"
},
{
"category": "external",
"summary": "1995718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995718"
},
{
"category": "external",
"summary": "1997237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997237"
},
{
"category": "external",
"summary": "1997624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997624"
},
{
"category": "external",
"summary": "1997738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997738"
},
{
"category": "external",
"summary": "1997922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997922"
},
{
"category": "external",
"summary": "1998851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998851"
},
{
"category": "external",
"summary": "1999050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999050"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "1999748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999748"
},
{
"category": "external",
"summary": "1999763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999763"
},
{
"category": "external",
"summary": "1999767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999767"
},
{
"category": "external",
"summary": "2000082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000082"
},
{
"category": "external",
"summary": "2000098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000098"
},
{
"category": "external",
"summary": "2000143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000143"
},
{
"category": "external",
"summary": "2000190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000190"
},
{
"category": "external",
"summary": "2000579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000579"
},
{
"category": "external",
"summary": "2000588",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000588"
},
{
"category": "external",
"summary": "2000860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000860"
},
{
"category": "external",
"summary": "2000865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000865"
},
{
"category": "external",
"summary": "2001482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001482"
},
{
"category": "external",
"summary": "2001539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001539"
},
{
"category": "external",
"summary": "2001580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001580"
},
{
"category": "external",
"summary": "2001970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001970"
},
{
"category": "external",
"summary": "2002225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002225"
},
{
"category": "external",
"summary": "2003444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003444"
},
{
"category": "external",
"summary": "2003904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003904"
},
{
"category": "external",
"summary": "2004003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004003"
},
{
"category": "external",
"summary": "2004013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004013"
},
{
"category": "external",
"summary": "2004030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004030"
},
{
"category": "external",
"summary": "2004824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004824"
},
{
"category": "external",
"summary": "2005103",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005103"
},
{
"category": "external",
"summary": "2005290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005290"
},
{
"category": "external",
"summary": "2005812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005812"
},
{
"category": "external",
"summary": "2005838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005838"
},
{
"category": "external",
"summary": "2005843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005843"
},
{
"category": "external",
"summary": "2005937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005937"
},
{
"category": "external",
"summary": "2006176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006176"
},
{
"category": "external",
"summary": "2006865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006865"
},
{
"category": "external",
"summary": "2007130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007130"
},
{
"category": "external",
"summary": "2007202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007202"
},
{
"category": "external",
"summary": "2007212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007212"
},
{
"category": "external",
"summary": "2007377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007377"
},
{
"category": "external",
"summary": "2007717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007717"
},
{
"category": "external",
"summary": "2010041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010041"
},
{
"category": "external",
"summary": "2010185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010185"
},
{
"category": "external",
"summary": "2010188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010188"
},
{
"category": "external",
"summary": "2010194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010194"
},
{
"category": "external",
"summary": "2010202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010202"
},
{
"category": "external",
"summary": "2011225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011225"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5086.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.9.0 enhancement, security, and bug fix update",
"tracking": {
"current_release_date": "2024-11-15T10:42:00+00:00",
"generator": {
"date": "2024-11-15T10:42:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:5086",
"initial_release_date": "2021-12-13T19:26:22+00:00",
"revision_history": [
{
"date": "2021-12-13T19:26:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-13T19:26:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T10:42:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"product_id": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=4.9-164.57484e3.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"product_id": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"product": {
"name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"product_id": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=4.9-39.0f2fa23.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product_id": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb?arch=s390x\u0026repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"product_id": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=4.9-59.c8bbc1f.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"product_id": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=4.9-27.3d037cc.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=4.9-219.c3f67c6.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe?arch=s390x\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=4.9-28.82f68db.release_4.9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"product_id": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=4.9-164.57484e3.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"product_id": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"product": {
"name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"product_id": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=4.9-39.0f2fa23.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product_id": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039?arch=ppc64le\u0026repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"product_id": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=4.9-59.c8bbc1f.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"product_id": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=4.9-27.3d037cc.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=4.9-219.c3f67c6.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=4.9-28.82f68db.release_4.9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"product_id": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=4.9-164.57484e3.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"product_id": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=4.9-257.4181add.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"product": {
"name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"product_id": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=4.9-39.0f2fa23.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product_id": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d?arch=amd64\u0026repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator\u0026tag=4.9-30.007b3d8.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"product_id": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=4.9-59.c8bbc1f.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=4.9.0-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"product_id": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=4.9-27.3d037cc.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=4.9-219.c3f67c6.release_4.9"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336?arch=amd64\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=4.9-28.82f68db.release_4.9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le"
},
"product_reference": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64"
},
"product_reference": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x"
},
"product_reference": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le"
},
"product_reference": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64"
},
"product_reference": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x"
},
"product_reference": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8",
"product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le",
"relates_to_product_reference": "8Base-RH-ODF-4.9"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Patrick Rhomberg"
],
"organization": "purelyapplied",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8565",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1886638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like `kubectl`. Previously, CVE-2019-11250 was assigned for the same issue for logging levels of at least 4.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel \u003e= 9",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform 4 does not support LogLevels higher than 8 (via \u0027TraceAll\u0027), and is therefore not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8565"
},
{
"category": "external",
"summary": "RHBZ#1886638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/95623",
"url": "https://github.com/kubernetes/kubernetes/issues/95623"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
}
],
"release_date": "2020-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel \u003e= 9"
},
{
"cve": "CVE-2021-32803",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990415"
}
],
"notes": [
{
"category": "description",
"text": "The npm package \"tar\" (aka node-tar) has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay 3.3 uses an affected version of nodejs-tar. However Quay 3.3 is in extended life phase and a fix will not be delivered[1]. More recent versions of Red Hat Quay do not include nodejs-tar and are not affected.\n\n1. https://access.redhat.com/support/policy/updates/rhquay\n\nRed Hat Enterprise Linux version 8 and Red Hat Software Collection both embed node-tar in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "RHBZ#1990415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-32803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32803"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw"
}
],
"release_date": "2021-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-32804",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990409"
}
],
"notes": [
{
"category": "description",
"text": "The npm package \"tar\" (aka node-tar) has an arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay 3.3 uses an affected version of nodejs-tar. However Quay 3.3 is in extended life phase and a fix will not be delivered[1]. More recent versions of Red Hat Quay do not include nodejs-tar and are not affected.\n\n1. https://access.redhat.com/support/policy/updates/rhquay\n\nRed Hat Enterprise Linux version 8 and Red Hat Software Collection both embed node-tar in the npm command. A specially crafted node module could create and overwrite files outside of its dedicated directory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "RHBZ#1990409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990409"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-32804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32804"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9"
}
],
"release_date": "2021-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-33195",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: lookup functions may return invalid host names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"category": "external",
"summary": "RHBZ#1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: lookup functions may return invalid host names"
},
{
"cve": "CVE-2021-33197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"category": "external",
"summary": "RHBZ#1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
},
{
"cve": "CVE-2021-33198",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989575"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33198"
},
{
"category": "external",
"summary": "RHBZ#1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-13T19:26:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64",
"8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le",
"8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64",
"8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64",
"8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le",
"8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64",
"8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x",
"8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x",
"8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x",
"8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.