rhsa-2022_0721
Vulnerability from csaf_redhat
Published
2022-03-01 14:05
Modified
2024-09-16 07:19
Summary
Red Hat Security Advisory: OpenShift Logging bug fix and security update (5.3.5)
Notes
Topic
OpenShift Logging bug fix and security update (5.3.5)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Logging bug fix and security update (5.3.5)
Security Fix(es):
* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)
* origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift Logging bug fix and security update (5.3.5)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging bug fix and security update (5.3.5)\n\nSecurity Fix(es):\n\n* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)\n\n* origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0721",
"url": "https://access.redhat.com/errata/RHSA-2022:0721"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1930423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423"
},
{
"category": "external",
"summary": "2052539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
},
{
"category": "external",
"summary": "LOG-2182",
"url": "https://issues.redhat.com/browse/LOG-2182"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0721.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Logging bug fix and security update (5.3.5)",
"tracking": {
"current_release_date": "2024-09-16T07:19:49+00:00",
"generator": {
"date": "2024-09-16T07:19:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0721",
"initial_release_date": "2022-03-01T14:05:10+00:00",
"revision_history": [
{
"date": "2022-03-01T14:05:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-01T14:05:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T07:19:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-130"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-88"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-123"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-125"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-142"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.5-20"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.5-20"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-130"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-88"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-123"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-125"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-142"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-130"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-88"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-123"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-125"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-142"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28491",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930423"
}
],
"notes": [
{
"category": "description",
"text": "This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jackson-dataformat-cbor.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nIn OCP 4.6 the openshift4/ose-logging-elasticsearch6 container delivers the vulnerable version of jackson-dataformat-cbor, but OCP 4.6 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support, hence this component is marked as ooss. Since the release of OCP 4.7 this component is delivered as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8 container).\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28491"
},
{
"category": "external",
"summary": "RHBZ#1930423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329"
}
],
"release_date": "2021-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0721"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception"
},
{
"cve": "CVE-2022-0552",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-02-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2052539"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE only applies to the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container image, shipped in OpenShift Logging 5.1, 5.2. and 5.3.\nhttps://access.redhat.com/errata/RHSA-2021:5128\nhttps://access.redhat.com/errata/RHSA-2021:5127\nhttps://access.redhat.com/errata/RHSA-2021:5129",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:f5ac97299bfda317727e6183382bb86b95aed1c2bc09ab54aad385e1a8858e63_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:467401c3ee624cd2865a1fb452a61eff279db33210d257d7b1a40ac2bd1bf673_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:af8ba54b3b2a20c7213a488ed4dfa8cc23a1b191876ac0153b1721ead5ee25cd_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:b9738cefdb34c7aea5c1f85be131cfe954db68dfe92cd68695a9fe3ba0bb3f80_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:00a4fa1ea4d2b2f3bf01e7619c82a82c6311074826529b17e2da963fc674ea71_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:008d0a08f6709e43256f24e8f2e1d09c741fed0ce44fd797841758074e13a706_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:094d032c064e9070a854b22cbb17b6c6ee2a13d79d7fb2ea280d9317bea9c127_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf47538a0d80f98aa381d7ab4c494edd39966c008096cfd401816f7314fcf297_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:b31540b3d83ca8662490adde87ff2476409af79732cb6ece25fa5978d53dcb7f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ec92e6a2f50b449c4d3be9f18be755d27472dc78507dba507b94ab6e99e1ffbe_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ed698ce3b82a28fdb8c840a8044582267aeac63f5efc5f738b07c47702bdc415_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:52aebe51beff433a07e082dd6e216d829c0ae9550619e2328439711e5500d669_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:8edfdc9d20c8b27a9db95a60f22b47b301d256ca2a5065221fff6f9e9d264967_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:ebe6b31d2539e1f681fae6c8cfea976b49713b312664109cd8417ad44627104e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:66211196d4ff951e4cca7a14cba3f68ef53f8f1c9b519d4c003dcb7453354092_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:682ab65a22b1cae091d350a64e1e257e2ee60d5c1ace0b7a48ebfc3def12d653_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:6ef44ba2113a4bb01f60303e6d3fc1a266f66c819835059775691ec2efc56012_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:23f9af5bdcab236bab3a69be91d0a28109ded4c5ba8b3aa003dbda4d61a96e6a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:e23695d5de32cca92ca32975ae9b0675b4727ea3d08c1b6d22b20d4ac7bc812b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:f7d953873ae6217c5770ed723d3c8af955bd94da5a3019a1e16731e6fc4bd541_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:bff9a31f21dc09ff3f360283105a0909a784dad6e645d8df2ceaad0d0452e89d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:e2d366572b10506dd9b434c068552b58444c8b41c8310ad96aaeeafc942b2720_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fe256c90e0075d9e8a3bd7a75454057af22b3f563aeee96ff6fba0dfcabe3d4f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:2083543ee79daf0f1cd7038de95a0ba750793401756ab83fe32a778401b7a851_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:4468638de88d588631009c5084f68235ddabfea9feb06f1b0cf804e010934853_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:f68ec854c7a504e0c48eb1c6713fcce385475e15013ec6ae76dbed8806b19955_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0552"
},
{
"category": "external",
"summary": "RHBZ#2052539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-21409",
"url": "https://access.redhat.com/security/cve/CVE-2021-21409"
}
],
"release_date": "2022-02-28T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0721"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:481473fbd18dc15b86f2f6fdfd3bdfe2a4c7b7cf15bcf2f7ce905716af58e6e5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:6245ddb9e393fe3d43fdc9f5c98158670b98cde48488204f23a4485276da32f9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:7a0496256e0a18bea6e499ee315bd42a13d49ef42fe5092fa43601553803f833_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409"
}
]
}
Loading...