RHSA-2022_1420

Vulnerability from csaf_redhat - Published: 2022-04-27 07:44 - Updated: 2024-11-22 19:04
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.11.685 security and bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 3.11.685 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.685. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2022:1421 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html Security Fix(es): * workflow-cps: OS command execution through crafted SCM contents (CVE-2022-25173) * workflow-cps-global-lib: OS command execution through crafted SCM contents (CVE-2022-25174) * workflow-multibranch: OS command execution through crafted SCM contents (CVE-2022-25175) * workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25181) * workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25182) * workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25183) * xstream: Injecting highly recursive collections or maps can cause a DoS (CVE-2021-43859) * workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25176) * workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25177) * workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25178) * workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25179) * workflow-cps: Password parameters are included from the original build in replayed builds (CVE-2022-25180) * pipeline-build-step: Password parameter default values exposed (CVE-2022-25184) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2021-43859

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25173

A flaw was found in Jenkins. The Pipeline: Groovy Plugin uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25174

A flaw was found in Jenkins. The JenkinsPipeline: Shared Groovy Libraries uses the same checkout directories for distinct SCMs for Pipeline libraries. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. This allows attackers to compromise confidentiality, integrity, and availability.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25175

A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to compromise confidentiality, integrity, and availability.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25176

A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25177

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25178

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries does not restrict the names of resources passed to the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25179

A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins controller file system.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25180

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.

4.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-522 - Insufficiently Protected Credentials
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
CVE-2022-25181

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM used and the source of the library configuration. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller, JVM, through crafted SCM contents if a global Pipeline library already exists.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-179 - Incorrect Behavior Order: Early Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25182

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller, JVM, using specially crafted library names if a global Pipeline library is already configured.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-179 - Incorrect Behavior Order: Early Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25183

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries plugin uses the names of Pipeline libraries to create cache directories without any sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller JVM, using specially crafted library names if a global Pipeline library configured to use caching already exists.

8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-179 - Incorrect Behavior Order: Early Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Important
CVE-2022-25184

A flaw was found in Jenkins pipeline-build-step where it revealed password parameter default values when generating a pipeline script using the Pipeline snippet generator. This flaw allows attackers with item/read permission to retrieve the default password parameter value from jobs and compromises confidentiality.

6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-522 - Insufficiently Protected Credentials
Affected products
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch
Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch
Threats
Impact Moderate
References
URL Category
https://access.redhat.com/errata/RHSA-2022:1420 self
https://access.redhat.com/security/updates/classi… external
https://bugzilla.redhat.com/show_bug.cgi?id=2049783 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055719 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055733 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055734 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055787 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055788 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055789 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055792 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055795 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055797 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055798 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055802 external
https://bugzilla.redhat.com/show_bug.cgi?id=2055804 external
https://bugzilla.redhat.com/show_bug.cgi?id=2076828 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2021-43859 self
https://bugzilla.redhat.com/show_bug.cgi?id=2049783 external
https://www.cve.org/CVERecord?id=CVE-2021-43859 external
https://nvd.nist.gov/vuln/detail/CVE-2021-43859 external
https://access.redhat.com/security/cve/CVE-2022-25173 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055733 external
https://www.cve.org/CVERecord?id=CVE-2022-25173 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25173 external
https://access.redhat.com/security/cve/CVE-2022-25174 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055734 external
https://www.cve.org/CVERecord?id=CVE-2022-25174 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25174 external
https://access.redhat.com/security/cve/CVE-2022-25175 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055719 external
https://www.cve.org/CVERecord?id=CVE-2022-25175 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25175 external
https://access.redhat.com/security/cve/CVE-2022-25176 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055787 external
https://www.cve.org/CVERecord?id=CVE-2022-25176 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25176 external
https://access.redhat.com/security/cve/CVE-2022-25177 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055788 external
https://www.cve.org/CVERecord?id=CVE-2022-25177 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25177 external
https://access.redhat.com/security/cve/CVE-2022-25178 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055789 external
https://www.cve.org/CVERecord?id=CVE-2022-25178 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25178 external
https://access.redhat.com/security/cve/CVE-2022-25179 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055792 external
https://www.cve.org/CVERecord?id=CVE-2022-25179 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25179 external
https://access.redhat.com/security/cve/CVE-2022-25180 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055795 external
https://www.cve.org/CVERecord?id=CVE-2022-25180 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25180 external
https://access.redhat.com/security/cve/CVE-2022-25181 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055797 external
https://www.cve.org/CVERecord?id=CVE-2022-25181 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25181 external
https://access.redhat.com/security/cve/CVE-2022-25182 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055798 external
https://www.cve.org/CVERecord?id=CVE-2022-25182 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25182 external
https://access.redhat.com/security/cve/CVE-2022-25183 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055802 external
https://www.cve.org/CVERecord?id=CVE-2022-25183 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25183 external
https://access.redhat.com/security/cve/CVE-2022-25184 self
https://bugzilla.redhat.com/show_bug.cgi?id=2055804 external
https://www.cve.org/CVERecord?id=CVE-2022-25184 external
https://nvd.nist.gov/vuln/detail/CVE-2022-25184 external
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 3.11.685 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.685. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:1421\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html \n\nSecurity Fix(es):\n\n* workflow-cps: OS command execution through crafted SCM contents (CVE-2022-25173)\n\n* workflow-cps-global-lib: OS command execution through crafted SCM contents (CVE-2022-25174)\n\n* workflow-multibranch: OS command execution through crafted SCM contents (CVE-2022-25175)\n\n* workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25181)\n\n* workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25182)\n\n* workflow-cps-global-lib: Sandbox bypass vulnerability (CVE-2022-25183)\n\n* xstream: Injecting highly recursive collections or maps can cause a DoS (CVE-2021-43859)\n\n* workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25176)\n\n* workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25177)\n\n* workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25178)\n\n* workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names (CVE-2022-25179)\n\n* workflow-cps: Password parameters are included from the original build in replayed builds (CVE-2022-25180)\n\n* pipeline-build-step: Password parameter default values exposed (CVE-2022-25184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:1420",
        "url": "https://access.redhat.com/errata/RHSA-2022:1420"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2049783",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
      },
      {
        "category": "external",
        "summary": "2055719",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055719"
      },
      {
        "category": "external",
        "summary": "2055733",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055733"
      },
      {
        "category": "external",
        "summary": "2055734",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055734"
      },
      {
        "category": "external",
        "summary": "2055787",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055787"
      },
      {
        "category": "external",
        "summary": "2055788",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055788"
      },
      {
        "category": "external",
        "summary": "2055789",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055789"
      },
      {
        "category": "external",
        "summary": "2055792",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055792"
      },
      {
        "category": "external",
        "summary": "2055795",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055795"
      },
      {
        "category": "external",
        "summary": "2055797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055797"
      },
      {
        "category": "external",
        "summary": "2055798",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055798"
      },
      {
        "category": "external",
        "summary": "2055802",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055802"
      },
      {
        "category": "external",
        "summary": "2055804",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055804"
      },
      {
        "category": "external",
        "summary": "2076828",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076828"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1420.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.685 security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T19:04:29+00:00",
      "generator": {
        "date": "2024-11-22T19:04:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2022:1420",
      "initial_release_date": "2022-04-27T07:44:06+00:00",
      "revision_history": [
        {
          "date": "2022-04-27T07:44:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-04-27T07:44:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T19:04:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.11",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.11",
                  "product_id": "7Server-RH7-RHOSE-3.11",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.11::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.685-1.g2e6be86.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
                  "product_id": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.685-1.git.0.7faaeaa.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.685-1.g99b2acf.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
                  "product_id": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.685-1.gd435537.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.685-1.g3571208.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.685-1.gf8bf728.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.685-1.gc8f26da.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
                  "product_id": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.685-1.g39cfc66.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
                  "product_id": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.685-1.gd742e61.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.685-1.gedebe84.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
                "product": {
                  "name": "golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
                  "product_id": "golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.685-1.g13de638.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
                "product": {
                  "name": "golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
                  "product_id": "golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.685-1.g609cd20.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
                "product": {
                  "name": "golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
                  "product_id": "golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.685-1.g99aae51.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.319.3.1650348949-1.el7.src",
                "product": {
                  "name": "jenkins-0:2.319.3.1650348949-1.el7.src",
                  "product_id": "jenkins-0:2.319.3.1650348949-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.319.3.1650348949-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1650371376-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
                "product": {
                  "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
                  "product_id": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.685-1.git.0.a9090ac.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.685-1.gf2f435d.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.685-1.g22be164.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
                "product": {
                  "name": "openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
                  "product_id": "openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr@3.11.685-1.g0c4bf66.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.685-1.g2e6be86.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.685-1.g2e6be86.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.685-1.git.0.7faaeaa.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.685-1.g99b2acf.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
                  "product_id": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.685-1.gd435537.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.685-1.g3571208.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.685-1.gf8bf728.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.685-1.gc8f26da.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
                  "product_id": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.685-1.g39cfc66.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
                  "product_id": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.685-1.gd742e61.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.685-1.gedebe84.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
                  "product_id": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.685-1.g13de638.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
                  "product_id": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.685-1.g609cd20.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
                "product": {
                  "name": "prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
                  "product_id": "prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.685-1.g99aae51.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.685-1.gf2f435d.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.685-1.g22be164.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.685-1.g2e6be86.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.685-1.g2e6be86.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_id": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.685-1.git.0.7faaeaa.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.685-1.g99b2acf.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
                  "product_id": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.685-1.gd435537.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.685-1.gf8bf728.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.685-1.gc8f26da.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
                  "product_id": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.685-1.g39cfc66.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
                  "product_id": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.685-1.gd742e61.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.685-1.gedebe84.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
                  "product_id": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.685-1.g13de638.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
                  "product_id": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.685-1.g609cd20.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
                "product": {
                  "name": "prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
                  "product_id": "prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.685-1.g99aae51.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.685-1.gf2f435d.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.685-1.g22be164.el7?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.685-1.git.0.7faaeaa.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.685-1.git.0.7faaeaa.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.319.3.1650348949-1.el7.noarch",
                "product": {
                  "name": "jenkins-0:2.319.3.1650348949-1.el7.noarch",
                  "product_id": "jenkins-0:2.319.3.1650348949-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.319.3.1650348949-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1650371376-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                "product": {
                  "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_id": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.685-1.git.0.a9090ac.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                "product": {
                  "name": "openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_id": "openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.685-1.git.0.a9090ac.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                "product": {
                  "name": "openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_id": "openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.685-1.git.0.a9090ac.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                "product": {
                  "name": "openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_id": "openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.685-1.git.0.a9090ac.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                "product": {
                  "name": "openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_id": "openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.685-1.git.0.a9090ac.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_id": "openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.685-1.g0c4bf66.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_id": "openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.685-1.g0c4bf66.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_id": "openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.685-1.g0c4bf66.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch",
                "product": {
                  "name": "python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_id": "python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.685-1.g0c4bf66.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src"
        },
        "product_reference": "golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src"
        },
        "product_reference": "golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src"
        },
        "product_reference": "golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.319.3.1650348949-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch"
        },
        "product_reference": "jenkins-0:2.319.3.1650348949-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.319.3.1650348949-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src"
        },
        "product_reference": "jenkins-0:2.319.3.1650348949-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.11.1650371376-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch"
        },
        "product_reference": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src"
        },
        "product_reference": "openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch"
        },
        "product_reference": "openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch"
        },
        "product_reference": "openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch"
        },
        "product_reference": "openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch"
        },
        "product_reference": "openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src"
        },
        "product_reference": "openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch"
        },
        "product_reference": "openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch"
        },
        "product_reference": "openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch"
        },
        "product_reference": "openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.685-1.g99aae51.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le"
        },
        "product_reference": "prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.685-1.g99aae51.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64"
        },
        "product_reference": "prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        },
        "product_reference": "python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-43859",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-02-01T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2049783"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xstream: Injecting highly recursive collections or maps can cause a DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-43859"
        },
        {
          "category": "external",
          "summary": "RHBZ#2049783",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43859",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-43859"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859"
        }
      ],
      "release_date": "2022-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "xstream: Injecting highly recursive collections or maps can cause a DoS"
    },
    {
      "cve": "CVE-2022-25173",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055733"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Groovy Plugin uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps: OS command execution through crafted SCM contents",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25173"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055733",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055733"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25173",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25173"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25173",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25173"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-cps: OS command execution through crafted SCM contents"
    },
    {
      "cve": "CVE-2022-25174",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055734"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The JenkinsPipeline: Shared Groovy Libraries uses the same checkout directories for distinct SCMs for Pipeline libraries. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. This allows attackers to compromise confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: OS command execution through crafted SCM contents",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25174"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055734",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055734"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25174",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25174"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25174",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25174"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-cps-global-lib: OS command execution through crafted SCM contents"
    },
    {
      "cve": "CVE-2022-25175",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055719"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Multibranch uses the same checkout directories for distinct SCMs for the readTrusted step. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.This allows attackers to compromise confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-multibranch: OS command execution through crafted SCM contents",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25175"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055719",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055719"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25175",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25175"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25175",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25175"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-multibranch: OS command execution through crafted SCM contents"
    },
    {
      "cve": "CVE-2022-25176",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055787"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25176"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055787",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055787"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25176",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25176"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25176",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25176"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names"
    },
    {
      "cve": "CVE-2022-25177",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055788"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25177"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055788",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055788"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25177",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25177"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25177",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25177"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names"
    },
    {
      "cve": "CVE-2022-25178",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055789"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries does not restrict the names of resources passed to the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055789",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055789"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25178"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names"
    },
    {
      "cve": "CVE-2022-25179",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055792"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins controller file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25179"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055792",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055792"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25179",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25179"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25179",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25179"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names"
    },
    {
      "cve": "CVE-2022-25180",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055795"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps: Password parameters are included from the original build in replayed builds",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055795",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055795"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25180"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "workflow-cps: Password parameters are included from the original build in replayed builds"
    },
    {
      "cve": "CVE-2022-25181",
      "cwe": {
        "id": "CWE-179",
        "name": "Incorrect Behavior Order: Early Validation"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055797"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM used and the source of the library configuration. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller, JVM, through crafted SCM contents if a global Pipeline library already exists.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: Sandbox bypass vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055797",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055797"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25181"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-cps-global-lib: Sandbox bypass vulnerability"
    },
    {
      "cve": "CVE-2022-25182",
      "cwe": {
        "id": "CWE-179",
        "name": "Incorrect Behavior Order: Early Validation"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055798"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller, JVM, using specially crafted library names if a global Pipeline library is already configured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: Sandbox bypass vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25182"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055798",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055798"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25182",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25182"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25182",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25182"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-cps-global-lib: Sandbox bypass vulnerability"
    },
    {
      "cve": "CVE-2022-25183",
      "cwe": {
        "id": "CWE-179",
        "name": "Incorrect Behavior Order: Early Validation"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055802"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries plugin uses the names of Pipeline libraries to create cache directories without any sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller JVM, using specially crafted library names if a global Pipeline library configured to use caching already exists.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "workflow-cps-global-lib: Sandbox bypass vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055802",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055802"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25183"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "workflow-cps-global-lib: Sandbox bypass vulnerability"
    },
    {
      "cve": "CVE-2022-25184",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2055804"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins pipeline-build-step where it revealed password parameter default values when generating a pipeline script using the Pipeline snippet generator. This flaw allows attackers with item/read permission to retrieve the default password parameter value from jobs and compromises confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pipeline-build-step: Password parameter default values exposed",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.685-1.g2e6be86.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.685-1.g99b2acf.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.685-1.gd435537.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.685-1.g3571208.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.685-1.git.0.7faaeaa.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.685-1.gf8bf728.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.685-1.gc8f26da.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.685-1.g39cfc66.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.685-1.git.0.7faaeaa.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.685-1.gd742e61.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.685-1.gedebe84.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.685-1.g13de638.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.685-1.g609cd20.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.685-1.g99aae51.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.319.3.1650348949-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.685-1.git.0.a9090ac.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.685-1.git.0.a9090ac.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.685-1.gf2f435d.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.685-1.g22be164.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.685-1.g0c4bf66.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.685-1.g0c4bf66.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.685-1.g99aae51.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.685-1.g13de638.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.685-1.g609cd20.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.685-1.g0c4bf66.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25184"
        },
        {
          "category": "external",
          "summary": "RHBZ#2055804",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055804"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25184"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-04-27T07:44:06+00:00",
          "details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at https://docs.openshift.com/container-platform/3.11/updating/updating-cluster-cli.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:1420"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1650371376-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "pipeline-build-step: Password parameter default values exposed"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.