RHSA-2022_0947

Vulnerability from csaf_redhat - Published: 2022-03-16 15:45 - Updated: 2024-12-17 21:54
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.10.0 images: RHEL-8-CNV-4.10 ============== kubevirt-velero-plugin-container-v4.10.0-8 virtio-win-container-v4.10.0-10 kubevirt-template-validator-container-v4.10.0-16 hostpath-csi-driver-container-v4.10.0-32 hostpath-provisioner-container-v4.10.0-32 hostpath-provisioner-operator-container-v4.10.0-62 cnv-must-gather-container-v4.10.0-110 virt-cdi-controller-container-v4.10.0-90 virt-cdi-apiserver-container-v4.10.0-90 virt-cdi-uploadserver-container-v4.10.0-90 virt-cdi-uploadproxy-container-v4.10.0-90 virt-cdi-operator-container-v4.10.0-90 virt-cdi-cloner-container-v4.10.0-90 virt-cdi-importer-container-v4.10.0-90 kubevirt-ssp-operator-container-v4.10.0-50 virt-api-container-v4.10.0-217 hyperconverged-cluster-webhook-container-v4.10.0-133 libguestfs-tools-container-v4.10.0-217 virt-handler-container-v4.10.0-217 virt-launcher-container-v4.10.0-217 virt-artifacts-server-container-v4.10.0-217 virt-controller-container-v4.10.0-217 node-maintenance-operator-container-v4.10.0-48 hyperconverged-cluster-operator-container-v4.10.0-133 virt-operator-container-v4.10.0-217 cnv-containernetworking-plugins-container-v4.10.0-49 kubemacpool-container-v4.10.0-49 bridge-marker-container-v4.10.0-49 ovs-cni-marker-container-v4.10.0-49 ovs-cni-plugin-container-v4.10.0-49 kubernetes-nmstate-handler-container-v4.10.0-49 cluster-network-addons-operator-container-v4.10.0-49 hco-bundle-registry-container-v4.10.0-696 Security Fix(es): * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923) * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) * golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2021-29923

A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7.3 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE-20 - Improper Input Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Workaround
Threats
Impact Moderate
CVE-2021-33195

A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE-20 - Improper Input Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Threats
Impact Moderate
CVE-2021-33197

A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.

5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CWE-20 - Improper Input Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Threats
Impact Moderate
CVE-2021-33198

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 - Uncontrolled Resource Consumption
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Threats
Impact Moderate
CVE-2021-34558

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-20 - Improper Input Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Workaround
Threats
Impact Low
CVE-2021-36221

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.

5.9 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Workaround
Threats
Impact Moderate
CVE-2021-44716

There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 - Uncontrolled Resource Consumption
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Workaround
Threats
Impact Moderate
CVE-2021-44717

There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().

4.8 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Affected products
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64
Vendor Fix fix
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64
Workaround
Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64
Workaround
Threats
Impact Moderate
References
URL Category
https://access.redhat.com/errata/RHSA-2022:0947 self
https://access.redhat.com/security/updates/classi… external
https://bugzilla.redhat.com/show_bug.cgi?id=1760028 external
https://bugzilla.redhat.com/show_bug.cgi?id=1855182 external
https://bugzilla.redhat.com/show_bug.cgi?id=1906151 external
https://bugzilla.redhat.com/show_bug.cgi?id=1918294 external
https://bugzilla.redhat.com/show_bug.cgi?id=1935217 external
https://bugzilla.redhat.com/show_bug.cgi?id=1945586 external
https://bugzilla.redhat.com/show_bug.cgi?id=1958085 external
https://bugzilla.redhat.com/show_bug.cgi?id=1959039 external
https://bugzilla.redhat.com/show_bug.cgi?id=1975978 external
https://bugzilla.redhat.com/show_bug.cgi?id=1983079 external
https://bugzilla.redhat.com/show_bug.cgi?id=1983596 external
https://bugzilla.redhat.com/show_bug.cgi?id=1986970 external
https://bugzilla.redhat.com/show_bug.cgi?id=1987009 external
https://bugzilla.redhat.com/show_bug.cgi?id=1989564 external
https://bugzilla.redhat.com/show_bug.cgi?id=1989570 external
https://bugzilla.redhat.com/show_bug.cgi?id=1989575 external
https://bugzilla.redhat.com/show_bug.cgi?id=1990061 external
https://bugzilla.redhat.com/show_bug.cgi?id=1992006 external
https://bugzilla.redhat.com/show_bug.cgi?id=1992231 external
https://bugzilla.redhat.com/show_bug.cgi?id=1993454 external
https://bugzilla.redhat.com/show_bug.cgi?id=1995656 external
https://bugzilla.redhat.com/show_bug.cgi?id=1997540 external
https://bugzilla.redhat.com/show_bug.cgi?id=1998300 external
https://bugzilla.redhat.com/show_bug.cgi?id=1999110 external
https://bugzilla.redhat.com/show_bug.cgi?id=1999636 external
https://bugzilla.redhat.com/show_bug.cgi?id=2000480 external
https://bugzilla.redhat.com/show_bug.cgi?id=2001984 external
https://bugzilla.redhat.com/show_bug.cgi?id=2001987 external
https://bugzilla.redhat.com/show_bug.cgi?id=2002272 external
https://bugzilla.redhat.com/show_bug.cgi?id=2003704 external
https://bugzilla.redhat.com/show_bug.cgi?id=2007397 external
https://bugzilla.redhat.com/show_bug.cgi?id=2008140 external
https://bugzilla.redhat.com/show_bug.cgi?id=2008411 external
https://bugzilla.redhat.com/show_bug.cgi?id=2008938 external
https://bugzilla.redhat.com/show_bug.cgi?id=2008949 external
https://bugzilla.redhat.com/show_bug.cgi?id=2008975 external
https://bugzilla.redhat.com/show_bug.cgi?id=2010540 external
https://bugzilla.redhat.com/show_bug.cgi?id=2010908 external
https://bugzilla.redhat.com/show_bug.cgi?id=2012920 external
https://bugzilla.redhat.com/show_bug.cgi?id=2013160 external
https://bugzilla.redhat.com/show_bug.cgi?id=2013455 external
https://bugzilla.redhat.com/show_bug.cgi?id=2015327 external
https://bugzilla.redhat.com/show_bug.cgi?id=2017255 external
https://bugzilla.redhat.com/show_bug.cgi?id=2018457 external
https://bugzilla.redhat.com/show_bug.cgi?id=2018925 external
https://bugzilla.redhat.com/show_bug.cgi?id=2018970 external
https://bugzilla.redhat.com/show_bug.cgi?id=2019053 external
https://bugzilla.redhat.com/show_bug.cgi?id=2021992 external
https://bugzilla.redhat.com/show_bug.cgi?id=2025295 external
https://bugzilla.redhat.com/show_bug.cgi?id=2025750 external
https://bugzilla.redhat.com/show_bug.cgi?id=2025878 external
https://bugzilla.redhat.com/show_bug.cgi?id=2026336 external
https://bugzilla.redhat.com/show_bug.cgi?id=2026363 external
https://bugzilla.redhat.com/show_bug.cgi?id=2026665 external
https://bugzilla.redhat.com/show_bug.cgi?id=2026667 external
https://bugzilla.redhat.com/show_bug.cgi?id=2027420 external
https://bugzilla.redhat.com/show_bug.cgi?id=2027922 external
https://bugzilla.redhat.com/show_bug.cgi?id=2029343 external
https://bugzilla.redhat.com/show_bug.cgi?id=2029767 external
https://bugzilla.redhat.com/show_bug.cgi?id=2030660 external
https://bugzilla.redhat.com/show_bug.cgi?id=2030686 external
https://bugzilla.redhat.com/show_bug.cgi?id=2030801 external
https://bugzilla.redhat.com/show_bug.cgi?id=2030806 external
https://bugzilla.redhat.com/show_bug.cgi?id=2031033 external
https://bugzilla.redhat.com/show_bug.cgi?id=2031688 external
https://bugzilla.redhat.com/show_bug.cgi?id=2031727 external
https://bugzilla.redhat.com/show_bug.cgi?id=2031919 external
https://bugzilla.redhat.com/show_bug.cgi?id=2032045 external
https://bugzilla.redhat.com/show_bug.cgi?id=2032845 external
https://bugzilla.redhat.com/show_bug.cgi?id=2032873 external
https://bugzilla.redhat.com/show_bug.cgi?id=2032876 external
https://bugzilla.redhat.com/show_bug.cgi?id=2033240 external
https://bugzilla.redhat.com/show_bug.cgi?id=2033252 external
https://bugzilla.redhat.com/show_bug.cgi?id=2034544 external
https://bugzilla.redhat.com/show_bug.cgi?id=2035008 external
https://bugzilla.redhat.com/show_bug.cgi?id=2035324 external
https://bugzilla.redhat.com/show_bug.cgi?id=2035658 external
https://bugzilla.redhat.com/show_bug.cgi?id=2035677 external
https://bugzilla.redhat.com/show_bug.cgi?id=2036220 external
https://bugzilla.redhat.com/show_bug.cgi?id=2036483 external
https://bugzilla.redhat.com/show_bug.cgi?id=2036605 external
https://bugzilla.redhat.com/show_bug.cgi?id=2037270 external
https://bugzilla.redhat.com/show_bug.cgi?id=2037290 external
https://bugzilla.redhat.com/show_bug.cgi?id=2037312 external
https://bugzilla.redhat.com/show_bug.cgi?id=2037421 external
https://bugzilla.redhat.com/show_bug.cgi?id=2038679 external
https://bugzilla.redhat.com/show_bug.cgi?id=2038825 external
https://bugzilla.redhat.com/show_bug.cgi?id=2038831 external
https://bugzilla.redhat.com/show_bug.cgi?id=2038985 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039196 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039208 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039489 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039683 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039686 external
https://bugzilla.redhat.com/show_bug.cgi?id=2039691 external
https://bugzilla.redhat.com/show_bug.cgi?id=2040113 external
https://bugzilla.redhat.com/show_bug.cgi?id=2040115 external
https://bugzilla.redhat.com/show_bug.cgi?id=2041519 external
https://bugzilla.redhat.com/show_bug.cgi?id=2041530 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042139 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042799 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042842 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042856 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042880 external
https://bugzilla.redhat.com/show_bug.cgi?id=2042908 external
https://bugzilla.redhat.com/show_bug.cgi?id=2044348 external
https://bugzilla.redhat.com/show_bug.cgi?id=2044398 external
https://bugzilla.redhat.com/show_bug.cgi?id=2046271 external
https://bugzilla.redhat.com/show_bug.cgi?id=2048227 external
https://bugzilla.redhat.com/show_bug.cgi?id=2048275 external
https://bugzilla.redhat.com/show_bug.cgi?id=2051105 external
https://bugzilla.redhat.com/show_bug.cgi?id=2051693 external
https://bugzilla.redhat.com/show_bug.cgi?id=2051968 external
https://bugzilla.redhat.com/show_bug.cgi?id=2052489 external
https://bugzilla.redhat.com/show_bug.cgi?id=2053027 external
https://bugzilla.redhat.com/show_bug.cgi?id=2058167 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2021-29923 self
https://bugzilla.redhat.com/show_bug.cgi?id=1992006 external
https://www.cve.org/CVERecord?id=CVE-2021-29923 external
https://nvd.nist.gov/vuln/detail/CVE-2021-29923 external
https://sick.codes/sick-2021-016/ external
https://access.redhat.com/security/cve/CVE-2021-33195 self
https://bugzilla.redhat.com/show_bug.cgi?id=1989564 external
https://www.cve.org/CVERecord?id=CVE-2021-33195 external
https://nvd.nist.gov/vuln/detail/CVE-2021-33195 external
https://groups.google.com/g/golang-announce/c/RgC… external
https://access.redhat.com/security/cve/CVE-2021-33197 self
https://bugzilla.redhat.com/show_bug.cgi?id=1989570 external
https://www.cve.org/CVERecord?id=CVE-2021-33197 external
https://nvd.nist.gov/vuln/detail/CVE-2021-33197 external
https://access.redhat.com/security/cve/CVE-2021-33198 self
https://bugzilla.redhat.com/show_bug.cgi?id=1989575 external
https://www.cve.org/CVERecord?id=CVE-2021-33198 external
https://nvd.nist.gov/vuln/detail/CVE-2021-33198 external
https://access.redhat.com/security/cve/CVE-2021-34558 self
https://bugzilla.redhat.com/show_bug.cgi?id=1983596 external
https://www.cve.org/CVERecord?id=CVE-2021-34558 external
https://nvd.nist.gov/vuln/detail/CVE-2021-34558 external
https://golang.org/doc/devel/release#go1.15.minor external
https://golang.org/doc/devel/release#go1.16.minor external
https://access.redhat.com/security/cve/CVE-2021-36221 self
https://bugzilla.redhat.com/show_bug.cgi?id=1995656 external
https://www.cve.org/CVERecord?id=CVE-2021-36221 external
https://nvd.nist.gov/vuln/detail/CVE-2021-36221 external
https://groups.google.com/g/golang-announce/c/uHA… external
https://access.redhat.com/security/cve/CVE-2021-44716 self
https://bugzilla.redhat.com/show_bug.cgi?id=2030801 external
https://www.cve.org/CVERecord?id=CVE-2021-44716 external
https://nvd.nist.gov/vuln/detail/CVE-2021-44716 external
https://groups.google.com/g/golang-announce/c/hcm… external
https://access.redhat.com/security/cve/CVE-2021-44717 self
https://bugzilla.redhat.com/show_bug.cgi?id=2030806 external
https://www.cve.org/CVERecord?id=CVE-2021-44717 external
https://nvd.nist.gov/vuln/detail/CVE-2021-44717 external
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.10.0 images:\n\nRHEL-8-CNV-4.10\n\n==============\n\nkubevirt-velero-plugin-container-v4.10.0-8\nvirtio-win-container-v4.10.0-10\nkubevirt-template-validator-container-v4.10.0-16\nhostpath-csi-driver-container-v4.10.0-32\nhostpath-provisioner-container-v4.10.0-32\nhostpath-provisioner-operator-container-v4.10.0-62\ncnv-must-gather-container-v4.10.0-110\nvirt-cdi-controller-container-v4.10.0-90\nvirt-cdi-apiserver-container-v4.10.0-90\nvirt-cdi-uploadserver-container-v4.10.0-90\nvirt-cdi-uploadproxy-container-v4.10.0-90\nvirt-cdi-operator-container-v4.10.0-90\nvirt-cdi-cloner-container-v4.10.0-90\nvirt-cdi-importer-container-v4.10.0-90\nkubevirt-ssp-operator-container-v4.10.0-50\nvirt-api-container-v4.10.0-217\nhyperconverged-cluster-webhook-container-v4.10.0-133\nlibguestfs-tools-container-v4.10.0-217\nvirt-handler-container-v4.10.0-217\nvirt-launcher-container-v4.10.0-217\nvirt-artifacts-server-container-v4.10.0-217\nvirt-controller-container-v4.10.0-217\nnode-maintenance-operator-container-v4.10.0-48\nhyperconverged-cluster-operator-container-v4.10.0-133\nvirt-operator-container-v4.10.0-217\ncnv-containernetworking-plugins-container-v4.10.0-49\nkubemacpool-container-v4.10.0-49\nbridge-marker-container-v4.10.0-49\novs-cni-marker-container-v4.10.0-49\novs-cni-plugin-container-v4.10.0-49\nkubernetes-nmstate-handler-container-v4.10.0-49\ncluster-network-addons-operator-container-v4.10.0-49\nhco-bundle-registry-container-v4.10.0-696\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:0947",
        "url": "https://access.redhat.com/errata/RHSA-2022:0947"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1760028",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760028"
      },
      {
        "category": "external",
        "summary": "1855182",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855182"
      },
      {
        "category": "external",
        "summary": "1906151",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906151"
      },
      {
        "category": "external",
        "summary": "1918294",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918294"
      },
      {
        "category": "external",
        "summary": "1935217",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935217"
      },
      {
        "category": "external",
        "summary": "1945586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945586"
      },
      {
        "category": "external",
        "summary": "1958085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958085"
      },
      {
        "category": "external",
        "summary": "1959039",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959039"
      },
      {
        "category": "external",
        "summary": "1975978",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975978"
      },
      {
        "category": "external",
        "summary": "1983079",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983079"
      },
      {
        "category": "external",
        "summary": "1983596",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
      },
      {
        "category": "external",
        "summary": "1986970",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986970"
      },
      {
        "category": "external",
        "summary": "1987009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987009"
      },
      {
        "category": "external",
        "summary": "1989564",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
      },
      {
        "category": "external",
        "summary": "1989570",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
      },
      {
        "category": "external",
        "summary": "1989575",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
      },
      {
        "category": "external",
        "summary": "1990061",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990061"
      },
      {
        "category": "external",
        "summary": "1992006",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
      },
      {
        "category": "external",
        "summary": "1992231",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992231"
      },
      {
        "category": "external",
        "summary": "1993454",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993454"
      },
      {
        "category": "external",
        "summary": "1995656",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
      },
      {
        "category": "external",
        "summary": "1997540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997540"
      },
      {
        "category": "external",
        "summary": "1998300",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998300"
      },
      {
        "category": "external",
        "summary": "1999110",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999110"
      },
      {
        "category": "external",
        "summary": "1999636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999636"
      },
      {
        "category": "external",
        "summary": "2000480",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000480"
      },
      {
        "category": "external",
        "summary": "2001984",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001984"
      },
      {
        "category": "external",
        "summary": "2001987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001987"
      },
      {
        "category": "external",
        "summary": "2002272",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002272"
      },
      {
        "category": "external",
        "summary": "2003704",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003704"
      },
      {
        "category": "external",
        "summary": "2007397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007397"
      },
      {
        "category": "external",
        "summary": "2008140",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008140"
      },
      {
        "category": "external",
        "summary": "2008411",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008411"
      },
      {
        "category": "external",
        "summary": "2008938",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008938"
      },
      {
        "category": "external",
        "summary": "2008949",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008949"
      },
      {
        "category": "external",
        "summary": "2008975",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008975"
      },
      {
        "category": "external",
        "summary": "2010540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010540"
      },
      {
        "category": "external",
        "summary": "2010908",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010908"
      },
      {
        "category": "external",
        "summary": "2012920",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012920"
      },
      {
        "category": "external",
        "summary": "2013160",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013160"
      },
      {
        "category": "external",
        "summary": "2013455",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013455"
      },
      {
        "category": "external",
        "summary": "2015327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015327"
      },
      {
        "category": "external",
        "summary": "2017255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017255"
      },
      {
        "category": "external",
        "summary": "2018457",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018457"
      },
      {
        "category": "external",
        "summary": "2018925",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018925"
      },
      {
        "category": "external",
        "summary": "2018970",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018970"
      },
      {
        "category": "external",
        "summary": "2019053",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019053"
      },
      {
        "category": "external",
        "summary": "2021992",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021992"
      },
      {
        "category": "external",
        "summary": "2025295",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025295"
      },
      {
        "category": "external",
        "summary": "2025750",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025750"
      },
      {
        "category": "external",
        "summary": "2025878",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025878"
      },
      {
        "category": "external",
        "summary": "2026336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026336"
      },
      {
        "category": "external",
        "summary": "2026363",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026363"
      },
      {
        "category": "external",
        "summary": "2026665",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026665"
      },
      {
        "category": "external",
        "summary": "2026667",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026667"
      },
      {
        "category": "external",
        "summary": "2027420",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027420"
      },
      {
        "category": "external",
        "summary": "2027922",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027922"
      },
      {
        "category": "external",
        "summary": "2029343",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029343"
      },
      {
        "category": "external",
        "summary": "2029767",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029767"
      },
      {
        "category": "external",
        "summary": "2030660",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030660"
      },
      {
        "category": "external",
        "summary": "2030686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030686"
      },
      {
        "category": "external",
        "summary": "2030801",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
      },
      {
        "category": "external",
        "summary": "2030806",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
      },
      {
        "category": "external",
        "summary": "2031033",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031033"
      },
      {
        "category": "external",
        "summary": "2031688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031688"
      },
      {
        "category": "external",
        "summary": "2031727",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031727"
      },
      {
        "category": "external",
        "summary": "2031919",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031919"
      },
      {
        "category": "external",
        "summary": "2032045",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032045"
      },
      {
        "category": "external",
        "summary": "2032845",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032845"
      },
      {
        "category": "external",
        "summary": "2032873",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032873"
      },
      {
        "category": "external",
        "summary": "2032876",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032876"
      },
      {
        "category": "external",
        "summary": "2033240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033240"
      },
      {
        "category": "external",
        "summary": "2033252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033252"
      },
      {
        "category": "external",
        "summary": "2034544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034544"
      },
      {
        "category": "external",
        "summary": "2035008",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035008"
      },
      {
        "category": "external",
        "summary": "2035324",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035324"
      },
      {
        "category": "external",
        "summary": "2035658",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035658"
      },
      {
        "category": "external",
        "summary": "2035677",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035677"
      },
      {
        "category": "external",
        "summary": "2036220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036220"
      },
      {
        "category": "external",
        "summary": "2036483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036483"
      },
      {
        "category": "external",
        "summary": "2036605",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036605"
      },
      {
        "category": "external",
        "summary": "2037270",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037270"
      },
      {
        "category": "external",
        "summary": "2037290",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037290"
      },
      {
        "category": "external",
        "summary": "2037312",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037312"
      },
      {
        "category": "external",
        "summary": "2037421",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037421"
      },
      {
        "category": "external",
        "summary": "2038679",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038679"
      },
      {
        "category": "external",
        "summary": "2038825",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038825"
      },
      {
        "category": "external",
        "summary": "2038831",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038831"
      },
      {
        "category": "external",
        "summary": "2038985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038985"
      },
      {
        "category": "external",
        "summary": "2039196",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039196"
      },
      {
        "category": "external",
        "summary": "2039208",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039208"
      },
      {
        "category": "external",
        "summary": "2039489",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039489"
      },
      {
        "category": "external",
        "summary": "2039683",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039683"
      },
      {
        "category": "external",
        "summary": "2039686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039686"
      },
      {
        "category": "external",
        "summary": "2039691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039691"
      },
      {
        "category": "external",
        "summary": "2040113",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040113"
      },
      {
        "category": "external",
        "summary": "2040115",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040115"
      },
      {
        "category": "external",
        "summary": "2041519",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041519"
      },
      {
        "category": "external",
        "summary": "2041530",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041530"
      },
      {
        "category": "external",
        "summary": "2042139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042139"
      },
      {
        "category": "external",
        "summary": "2042799",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042799"
      },
      {
        "category": "external",
        "summary": "2042842",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042842"
      },
      {
        "category": "external",
        "summary": "2042856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042856"
      },
      {
        "category": "external",
        "summary": "2042880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042880"
      },
      {
        "category": "external",
        "summary": "2042908",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042908"
      },
      {
        "category": "external",
        "summary": "2044348",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044348"
      },
      {
        "category": "external",
        "summary": "2044398",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044398"
      },
      {
        "category": "external",
        "summary": "2046271",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046271"
      },
      {
        "category": "external",
        "summary": "2048227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048227"
      },
      {
        "category": "external",
        "summary": "2048275",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048275"
      },
      {
        "category": "external",
        "summary": "2051105",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051105"
      },
      {
        "category": "external",
        "summary": "2051693",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051693"
      },
      {
        "category": "external",
        "summary": "2051968",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051968"
      },
      {
        "category": "external",
        "summary": "2052489",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052489"
      },
      {
        "category": "external",
        "summary": "2053027",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053027"
      },
      {
        "category": "external",
        "summary": "2058167",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058167"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0947.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update",
    "tracking": {
      "current_release_date": "2024-12-17T21:54:52+00:00",
      "generator": {
        "date": "2024-12-17T21:54:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2022:0947",
      "initial_release_date": "2022-03-16T15:45:58+00:00",
      "revision_history": [
        {
          "date": "2022-03-16T15:45:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-03-16T15:45:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-17T21:54:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CNV 4.10 for RHEL 8",
                "product": {
                  "name": "CNV 4.10 for RHEL 8",
                  "product_id": "8Base-CNV-4.10",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:container_native_virtualization:4.10::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                "product": {
                  "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                  "product_id": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                "product": {
                  "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                  "product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                  "product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                  "product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.10.0-110"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                "product": {
                  "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                  "product_id": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.10.0-696"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_id": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel8\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_id": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.10.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.10.0-62"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.10.0-133"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.10.0-133"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                "product": {
                  "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                  "product_id": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                "product": {
                  "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                  "product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                  "product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.10.0-50"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                  "product_id": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.10.0-16"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                "product": {
                  "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                  "product_id": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                "product": {
                  "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                  "product_id": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.10.0-48"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.10.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                  "product_id": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                  "product_id": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.10.0-90"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                  "product_id": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                  "product_id": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                "product": {
                  "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                  "product_id": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.10.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                  "product_id": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.10.0-217"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                  "product_id": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.10.0-217"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64"
        },
        "product_reference": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64"
        },
        "product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64"
        },
        "product_reference": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64"
        },
        "product_reference": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64"
        },
        "product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64"
        },
        "product_reference": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64"
        },
        "product_reference": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64"
        },
        "product_reference": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64"
        },
        "product_reference": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64"
        },
        "product_reference": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64"
        },
        "product_reference": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64"
        },
        "product_reference": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64 as a component of CNV 4.10 for RHEL 8",
          "product_id": "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        },
        "product_reference": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.10"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-29923",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1992006"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "RHBZ#1992006",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
        },
        {
          "category": "external",
          "summary": "https://sick.codes/sick-2021-016/",
          "url": "https://sick.codes/sick-2021-016/"
        }
      ],
      "release_date": "2021-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
    },
    {
      "cve": "CVE-2021-33195",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989564"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net: lookup functions may return invalid host names",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989564",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net: lookup functions may return invalid host names"
    },
    {
      "cve": "CVE-2021-33197",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989570"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989570",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
    },
    {
      "cve": "CVE-2021-33198",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1989575"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "RHBZ#1989575",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
          "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
        }
      ],
      "release_date": "2021-03-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents"
    },
    {
      "cve": "CVE-2021-34558",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1983596"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n    - OpenShift Container Platform\n    - OpenShift distributed tracing (formerly OpenShift Jaeger)\n    - OpenShift Migration Toolkit for Containers\n    - Red Hat Advanced Cluster Management for Kubernetes\n    - Red Hat OpenShift on AWS\n    - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "RHBZ#1983596",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
        },
        {
          "category": "external",
          "summary": "https://golang.org/doc/devel/release#go1.15.minor",
          "url": "https://golang.org/doc/devel/release#go1.15.minor"
        },
        {
          "category": "external",
          "summary": "https://golang.org/doc/devel/release#go1.16.minor",
          "url": "https://golang.org/doc/devel/release#go1.16.minor"
        }
      ],
      "release_date": "2021-07-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
    },
    {
      "cve": "CVE-2021-36221",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2021-08-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1995656"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash.  The highest threat from this vulnerability is to Availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "RHBZ#1995656",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
          "url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
        }
      ],
      "release_date": "2021-08-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
    },
    {
      "cve": "CVE-2021-44716",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030801"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: limit growth of header canonicalization cache",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030801",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: limit growth of header canonicalization cache"
    },
    {
      "cve": "CVE-2021-44717",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030806"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
          "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
          "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
          "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
          "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030806",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-03-16T15:45:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:0947"
        },
        {
          "category": "workaround",
          "details": "This bug can be mitigated by raising the per-process file descriptor limit.",
          "product_ids": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
            "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
            "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
            "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
            "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
            "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.