rhsa-2022_0947
Vulnerability from csaf_redhat
Published
2022-03-16 15:45
Modified
2024-12-17 21:54
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update

Notes

Topic
Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.10.0 images: RHEL-8-CNV-4.10 ============== kubevirt-velero-plugin-container-v4.10.0-8 virtio-win-container-v4.10.0-10 kubevirt-template-validator-container-v4.10.0-16 hostpath-csi-driver-container-v4.10.0-32 hostpath-provisioner-container-v4.10.0-32 hostpath-provisioner-operator-container-v4.10.0-62 cnv-must-gather-container-v4.10.0-110 virt-cdi-controller-container-v4.10.0-90 virt-cdi-apiserver-container-v4.10.0-90 virt-cdi-uploadserver-container-v4.10.0-90 virt-cdi-uploadproxy-container-v4.10.0-90 virt-cdi-operator-container-v4.10.0-90 virt-cdi-cloner-container-v4.10.0-90 virt-cdi-importer-container-v4.10.0-90 kubevirt-ssp-operator-container-v4.10.0-50 virt-api-container-v4.10.0-217 hyperconverged-cluster-webhook-container-v4.10.0-133 libguestfs-tools-container-v4.10.0-217 virt-handler-container-v4.10.0-217 virt-launcher-container-v4.10.0-217 virt-artifacts-server-container-v4.10.0-217 virt-controller-container-v4.10.0-217 node-maintenance-operator-container-v4.10.0-48 hyperconverged-cluster-operator-container-v4.10.0-133 virt-operator-container-v4.10.0-217 cnv-containernetworking-plugins-container-v4.10.0-49 kubemacpool-container-v4.10.0-49 bridge-marker-container-v4.10.0-49 ovs-cni-marker-container-v4.10.0-49 ovs-cni-plugin-container-v4.10.0-49 kubernetes-nmstate-handler-container-v4.10.0-49 cluster-network-addons-operator-container-v4.10.0-49 hco-bundle-registry-container-v4.10.0-696 Security Fix(es): * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923) * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) * golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.10.0 images:\n\nRHEL-8-CNV-4.10\n\n==============\n\nkubevirt-velero-plugin-container-v4.10.0-8\nvirtio-win-container-v4.10.0-10\nkubevirt-template-validator-container-v4.10.0-16\nhostpath-csi-driver-container-v4.10.0-32\nhostpath-provisioner-container-v4.10.0-32\nhostpath-provisioner-operator-container-v4.10.0-62\ncnv-must-gather-container-v4.10.0-110\nvirt-cdi-controller-container-v4.10.0-90\nvirt-cdi-apiserver-container-v4.10.0-90\nvirt-cdi-uploadserver-container-v4.10.0-90\nvirt-cdi-uploadproxy-container-v4.10.0-90\nvirt-cdi-operator-container-v4.10.0-90\nvirt-cdi-cloner-container-v4.10.0-90\nvirt-cdi-importer-container-v4.10.0-90\nkubevirt-ssp-operator-container-v4.10.0-50\nvirt-api-container-v4.10.0-217\nhyperconverged-cluster-webhook-container-v4.10.0-133\nlibguestfs-tools-container-v4.10.0-217\nvirt-handler-container-v4.10.0-217\nvirt-launcher-container-v4.10.0-217\nvirt-artifacts-server-container-v4.10.0-217\nvirt-controller-container-v4.10.0-217\nnode-maintenance-operator-container-v4.10.0-48\nhyperconverged-cluster-operator-container-v4.10.0-133\nvirt-operator-container-v4.10.0-217\ncnv-containernetworking-plugins-container-v4.10.0-49\nkubemacpool-container-v4.10.0-49\nbridge-marker-container-v4.10.0-49\novs-cni-marker-container-v4.10.0-49\novs-cni-plugin-container-v4.10.0-49\nkubernetes-nmstate-handler-container-v4.10.0-49\ncluster-network-addons-operator-container-v4.10.0-49\nhco-bundle-registry-container-v4.10.0-696\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:0947",
        "url": "https://access.redhat.com/errata/RHSA-2022:0947"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1760028",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760028"
      },
      {
        "category": "external",
        "summary": "1855182",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855182"
      },
      {
        "category": "external",
        "summary": "1906151",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906151"
      },
      {
        "category": "external",
        "summary": "1918294",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918294"
      },
      {
        "category": "external",
        "summary": "1935217",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935217"
      },
      {
        "category": "external",
        "summary": "1945586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945586"
      },
      {
        "category": "external",
        "summary": "1958085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958085"
      },
      {
        "category": "external",
        "summary": "1959039",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959039"
      },
      {
        "category": "external",
        "summary": "1975978",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975978"
      },
      {
        "category": "external",
        "summary": "1983079",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983079"
      },
      {
        "category": "external",
        "summary": "1983596",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
      },
      {
        "category": "external",
        "summary": "1986970",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986970"
      },
      {
        "category": "external",
        "summary": "1987009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987009"
      },
      {
        "category": "external",
        "summary": "1989564",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
      },
      {
        "category": "external",
        "summary": "1989570",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
      },
      {
        "category": "external",
        "summary": "1989575",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
      },
      {
        "category": "external",
        "summary": "1990061",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990061"
      },
      {
        "category": "external",
        "summary": "1992006",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
      },
      {
        "category": "external",
        "summary": "1992231",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992231"
      },
      {
        "category": "external",
        "summary": "1993454",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993454"
      },
      {
        "category": "external",
        "summary": "1995656",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
      },
      {
        "category": "external",
        "summary": "1997540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997540"
      },
      {
        "category": "external",
        "summary": "1998300",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998300"
      },
      {
        "category": "external",
        "summary": "1999110",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999110"
      },
      {
        "category": "external",
        "summary": "1999636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999636"
      },
      {
        "category": "external",
        "summary": "2000480",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000480"
      },
      {
        "category": "external",
        "summary": "2001984",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001984"
      },
      {
        "category": "external",
        "summary": "2001987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001987"
      },
      {
        "category": "external",
        "summary": "2002272",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002272"
      },
      {
        "category": "external",
        "summary": "2003704",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003704"
      },
      {
        "category": "external",
        "summary": "2007397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007397"
      },
      {
        "category": "external",
        "summary": "2008140",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008140"
      },
      {
        "category": "external",
        "summary": "2008411",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008411"
      },
      {
        "category": "external",
        "summary": "2008938",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008938"
      },
      {
        "category": "external",
        "summary": "2008949",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008949"
      },
      {
        "category": "external",
        "summary": "2008975",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008975"
      },
      {
        "category": "external",
        "summary": "2010540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010540"
      },
      {
        "category": "external",
        "summary": "2010908",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010908"
      },
      {
        "category": "external",
        "summary": "2012920",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012920"
      },
      {
        "category": "external",
        "summary": "2013160",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013160"
      },
      {
        "category": "external",
        "summary": "2013455",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013455"
      },
      {
        "category": "external",
        "summary": "2015327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015327"
      },
      {
        "category": "external",
        "summary": "2017255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017255"
      },
      {
        "category": "external",
        "summary": "2018457",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018457"
      },
      {
        "category": "external",
        "summary": "2018925",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018925"
      },
      {
        "category": "external",
        "summary": "2018970",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018970"
      },
      {
        "category": "external",
        "summary": "2019053",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019053"
      },
      {
        "category": "external",
        "summary": "2021992",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021992"
      },
      {
        "category": "external",
        "summary": "2025295",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025295"
      },
      {
        "category": "external",
        "summary": "2025750",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025750"
      },
      {
        "category": "external",
        "summary": "2025878",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025878"
      },
      {
        "category": "external",
        "summary": "2026336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026336"
      },
      {
        "category": "external",
        "summary": "2026363",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026363"
      },
      {
        "category": "external",
        "summary": "2026665",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026665"
      },
      {
        "category": "external",
        "summary": "2026667",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026667"
      },
      {
        "category": "external",
        "summary": "2027420",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027420"
      },
      {
        "category": "external",
        "summary": "2027922",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027922"
      },
      {
        "category": "external",
        "summary": "2029343",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029343"
      },
      {
        "category": "external",
        "summary": "2029767",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029767"
      },
      {
        "category": "external",
        "summary": "2030660",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030660"
      },
      {
        "category": "external",
        "summary": "2030686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030686"
      },
      {
        "category": "external",
        "summary": "2030801",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
      },
      {
        "category": "external",
        "summary": "2030806",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
      },
      {
        "category": "external",
        "summary": "2031033",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031033"
      },
      {
        "category": "external",
        "summary": "2031688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031688"
      },
      {
        "category": "external",
        "summary": "2031727",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031727"
      },
      {
        "category": "external",
        "summary": "2031919",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031919"
      },
      {
        "category": "external",
        "summary": "2032045",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032045"
      },
      {
        "category": "external",
        "summary": "2032845",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032845"
      },
      {
        "category": "external",
        "summary": "2032873",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032873"
      },
      {
        "category": "external",
        "summary": "2032876",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032876"
      },
      {
        "category": "external",
        "summary": "2033240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033240"
      },
      {
        "category": "external",
        "summary": "2033252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033252"
      },
      {
        "category": "external",
        "summary": "2034544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034544"
      },
      {
        "category": "external",
        "summary": "2035008",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035008"
      },
      {
        "category": "external",
        "summary": "2035324",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035324"
      },
      {
        "category": "external",
        "summary": "2035658",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035658"
      },
      {
        "category": "external",
        "summary": "2035677",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035677"
      },
      {
        "category": "external",
        "summary": "2036220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036220"
      },
      {
        "category": "external",
        "summary": "2036483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036483"
      },
      {
        "category": "external",
        "summary": "2036605",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036605"
      },
      {
        "category": "external",
        "summary": "2037270",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037270"
      },
      {
        "category": "external",
        "summary": "2037290",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037290"
      },
      {
        "category": "external",
        "summary": "2037312",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037312"
      },
      {
        "category": "external",
        "summary": "2037421",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037421"
      },
      {
        "category": "external",
        "summary": "2038679",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038679"
      },
      {
        "category": "external",
        "summary": "2038825",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038825"
      },
      {
        "category": "external",
        "summary": "2038831",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038831"
      },
      {
        "category": "external",
        "summary": "2038985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038985"
      },
      {
        "category": "external",
        "summary": "2039196",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039196"
      },
      {
        "category": "external",
        "summary": "2039208",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039208"
      },
      {
        "category": "external",
        "summary": "2039489",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039489"
      },
      {
        "category": "external",
        "summary": "2039683",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039683"
      },
      {
        "category": "external",
        "summary": "2039686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039686"
      },
      {
        "category": "external",
        "summary": "2039691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039691"
      },
      {
        "category": "external",
        "summary": "2040113",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040113"
      },
      {
        "category": "external",
        "summary": "2040115",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040115"
      },
      {
        "category": "external",
        "summary": "2041519",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041519"
      },
      {
        "category": "external",
        "summary": "2041530",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041530"
      },
      {
        "category": "external",
        "summary": "2042139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042139"
      },
      {
        "category": "external",
        "summary": "2042799",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042799"
      },
      {
        "category": "external",
        "summary": "2042842",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042842"
      },
      {
        "category": "external",
        "summary": "2042856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042856"
      },
      {
        "category": "external",
        "summary": "2042880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042880"
      },
      {
        "category": "external",
        "summary": "2042908",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042908"
      },
      {
        "category": "external",
        "summary": "2044348",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044348"
      },
      {
        "category": "external",
        "summary": "2044398",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044398"
      },
      {
        "category": "external",
        "summary": "2046271",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046271"
      },
      {
        "category": "external",
        "summary": "2048227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048227"
      },
      {
        "category": "external",
        "summary": "2048275",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048275"
      },
      {
        "category": "external",
        "summary": "2051105",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051105"
      },
      {
        "category": "external",
        "summary": "2051693",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051693"
      },
      {
        "category": "external",
        "summary": "2051968",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051968"
      },
      {
        "category": "external",
        "summary": "2052489",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052489"
      },
      {
        "category": "external",
        "summary": "2053027",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053027"
      },
      {
        "category": "external",
        "summary": "2058167",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058167"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0947.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update",
    "tracking": {
      "current_release_date": "2024-12-17T21:54:52+00:00",
      "generator": {
        "date": "2024-12-17T21:54:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2022:0947",
      "initial_release_date": "2022-03-16T15:45:58+00:00",
      "revision_history": [
        {
          "date": "2022-03-16T15:45:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-03-16T15:45:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-17T21:54:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CNV 4.10 for RHEL 8",
                "product": {
                  "name": "CNV 4.10 for RHEL 8",
                  "product_id": "8Base-CNV-4.10",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:container_native_virtualization:4.10::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                "product": {
                  "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                  "product_id": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                "product": {
                  "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                  "product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                  "product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                  "product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.10.0-110"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                "product": {
                  "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                  "product_id": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.10.0-696"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_id": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel8\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_id": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.10.0-62"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.10.0-133"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.10.0-133"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                "product": {
                  "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                  "product_id": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                "product": {
                  "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                  "product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                  "product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.10.0-50"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                  "product_id": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.10.0-16"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                "product": {
                  "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                  "product_id": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                "product": {
                  "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                  "product_id": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.10.0-48"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                  "product_id": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                  "product_id": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                  "product_id": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                  "product_id": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                "product": {
                  "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                  "product_id": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.10.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                  "product_id": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                  "product_id": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.10.0-217"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64"
        },
        "product_reference": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64"
        },
        "product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64"
        },
        "product_reference": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64"
        },
        "product_reference": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64"
        },
        "product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64"
        },
        "product_reference": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64"
        },
        "product_reference": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64"
        },
        "product_reference": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64"
        },
        "product_reference": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64"
        },
        "product_reference": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64"
        },
        "product_reference": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64"
        },
        "product_reference": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        },
        "product_reference": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-29923",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1992006"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "RHBZ#1992006",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "https://sick.codes/sick-2021-016/",
          "url": "https://sick.codes/sick-2021-016/"
        }
      ],
      "release_date": "2021-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
    },
    {
      "cve": "CVE-2021-33195",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989564"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net: lookup functions may return invalid host names",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989564",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net: lookup functions may return invalid host names"
    },
    {
      "cve": "CVE-2021-33197",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989570"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989570",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
    },
    {
      "cve": "CVE-2021-33198",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989575"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989575",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-03-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents"
    },
    {
      "cve": "CVE-2021-34558",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1983596"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n    - OpenShift Container Platform\n    - OpenShift distributed tracing (formerly OpenShift Jaeger)\n    - OpenShift Migration Toolkit for Containers\n    - Red Hat Advanced Cluster Management for Kubernetes\n    - Red Hat OpenShift on AWS\n    - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "RHBZ#1983596",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "https://golang.org/doc/devel/release#go1.15.minor",
          "url": "https://golang.org/doc/devel/release#go1.15.minor"
        },
        {
          "category": "external",
          "summary": "https://golang.org/doc/devel/release#go1.16.minor",
          "url": "https://golang.org/doc/devel/release#go1.16.minor"
        }
      ],
      "release_date": "2021-07-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
    },
    {
      "cve": "CVE-2021-36221",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2021-08-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1995656"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash.  The highest threat from this vulnerability is to Availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "RHBZ#1995656",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
          "url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
        }
      ],
      "release_date": "2021-08-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
    },
    {
      "cve": "CVE-2021-44716",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030801"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: limit growth of header canonicalization cache",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030801",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: limit growth of header canonicalization cache"
    },
    {
      "cve": "CVE-2021-44717",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030806"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030806",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "This bug can be mitigated by raising the per-process file descriptor limit.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.