rhsa-2022_0728
Vulnerability from csaf_redhat
Published
2022-03-02 12:49
Modified
2024-11-15 07:36
Summary
Red Hat Security Advisory: OpenShift Logging bug fix and security update (5.2.8)
Notes
Topic
OpenShift Logging bug fix and security update (5.2.8)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Logging bug fix and security update (5.2.8)
Security Fix(es):
* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)
* origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift Logging bug fix and security update (5.2.8)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging bug fix and security update (5.2.8)\n\nSecurity Fix(es):\n\n* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)\n\n* origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0728",
"url": "https://access.redhat.com/errata/RHSA-2022:0728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1930423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423"
},
{
"category": "external",
"summary": "2052539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
},
{
"category": "external",
"summary": "LOG-2180",
"url": "https://issues.redhat.com/browse/LOG-2180"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0728.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Logging bug fix and security update (5.2.8)",
"tracking": {
"current_release_date": "2024-11-15T07:36:30+00:00",
"generator": {
"date": "2024-11-15T07:36:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0728",
"initial_release_date": "2022-03-02T12:49:18+00:00",
"revision_history": [
{
"date": "2022-03-02T12:49:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-02T12:49:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T07:36:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.2",
"product": {
"name": "OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-131"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-89"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-143"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.2.8-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.2.8-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-131"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-89"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-143"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-131"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-89"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-124"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-143"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28491",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930423"
}
],
"notes": [
{
"category": "description",
"text": "This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the hive/presto/hadoop components that comprise the OCP metering stack, ship the vulnerable version of jackson-dataformat-cbor.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nIn OCP 4.6 the openshift4/ose-logging-elasticsearch6 container delivers the vulnerable version of jackson-dataformat-cbor, but OCP 4.6 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support, hence this component is marked as ooss. Since the release of OCP 4.7 this component is delivered as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8 container).\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28491"
},
{
"category": "external",
"summary": "RHBZ#1930423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28491"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329"
}
],
"release_date": "2021-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-02T12:49:18+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0728"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception"
},
{
"cve": "CVE-2022-0552",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-02-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2052539"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE only applies to the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container image, shipped in OpenShift Logging 5.1, 5.2. and 5.3.\nhttps://access.redhat.com/errata/RHSA-2021:5128\nhttps://access.redhat.com/errata/RHSA-2021:5127\nhttps://access.redhat.com/errata/RHSA-2021:5129",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:9efd48f4378762483bfdb26fbd7ed7a1a6799c6733bf83ed19d71d50a9421c1f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:225f1719b0787f94719c2216b6583d25897029438692b848c49d19e265954185_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:6d3fcd50e4a91d443bf89b0d90facdb1d0820fa894a7b8c81360707b9b45ccce_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:f0d88550ea2f1010d0c3fa4cfb09876fa21bb49fc716392c37d7899b367ed07c_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:fccef8d73e96a5c1c11b3735a090a63d6eb28ccc3d7a1c7c5f4f3bd7527ca520_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:22e87477e77c383c37ec55eed45e2bd3733754797b4196e35201dad338fa9281_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ae70043ba3b8904a63d61e52e051185f0a3f59ec11c6ac4fa7d1139dfa7ad167_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:ba10146ab50d0a83a6abebd759eda3570758ffdb6f4e986d7e748a21468d4167_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:8a4da049c3794c4255d4e7239aacc728657d319a5b69ec3e3b32190f22129480_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:b6bc9ea3d48eb1e9566edbd8ca7432e64fd197a127f8a96c0d7c8f945909a9b6_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:bb8a82cc3ff02bd474b49ec082c6d558683935e0a8d8cf2c05a9305fc348f6d3_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:75bb761611ed91b2126434aee70c4666f42252595a876620cedab681888620c4_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:91e4e19f4b901cadb192976abade0aa0db99f9b7cb8b194debdc0b06c7378ea9_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:e4c5d3195ebcf8b32da14c7d24cbcd82e985591a4fc4a12b8792b6161d50b672_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:0ed6f883450cdfa87a852c378f0d8a8747338bfc1062b3ea74437b6ec419371f_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:17ecd7ca8ea56b342eb24151731f7d964f960acbffc8ffdae11d6438eecf55c1_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:54dd96900e62e20ddb62669a27e94f361436bdfb825ad8bae019bb40fb0b327c_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:3a8ce4fdc8d0f4b35722a6e9a220b8c859e0441543c2bf0ccd9e362e3211e300_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:516595732dcdbe8d8a6f4cf22811dea392218f45d9e353ef7c0ded2df9145bfb_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:aa99fdb8e81493936042ce49462839dda445a1f3a97ebfe1a51d8853eba02703_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:2ca801a49b219d407e677d6a61d29bd84a9b086b584ad5fbc71dd0995c658064_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a6a7311749763649bb905715259f3fa43b9660e19074747f5f2447c48de4ec6b_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:de9b764d47745031f1ba421c7f46c4250f0fdcc96baf8186b99684ebbdb79692_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c220a4d86d66a634619c2a5e89a0a069ee4b21e6703b718141157602bf5a7b4_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:266deb640ee061cf25d2716d97ec2fe0cf5a33888de74ef218f9444f517b681d_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:33ab888bd156705996f32cb1c5b3480aa17f7c45444bfc117ea1b791466d8609_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0552"
},
{
"category": "external",
"summary": "RHBZ#2052539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-21409",
"url": "https://access.redhat.com/security/cve/CVE-2021-21409"
}
],
"release_date": "2022-02-28T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-02T12:49:18+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0728"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:1a67ec9c7200171f5ec1fb56f256afdcd35e9e77c36fb9c3556ce89878d32b44_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:da7b9ef17d773085962a7d5fe71fdb5ba7a414a76f80e537433eec4d95b2bdb4_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:ed95cf0214ef4865013773140f920fa7f6f5b39e357ef88c54ea5e28727fa835_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.