rhsa-2022_2217
Vulnerability from csaf_redhat
Published
2022-05-11 20:33
Modified
2024-11-06 00:52
Summary
Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7
Notes
Topic
Openshift Logging Bug Fix Release (5.3.7)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.7)
Security Fix(es):
* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Openshift Logging Bug Fix Release (5.3.7)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.3.7)\n\nSecurity Fix(es):\n\n* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:2217",
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "2058404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058404"
},
{
"category": "external",
"summary": "LOG-2334",
"url": "https://issues.redhat.com/browse/LOG-2334"
},
{
"category": "external",
"summary": "LOG-2450",
"url": "https://issues.redhat.com/browse/LOG-2450"
},
{
"category": "external",
"summary": "LOG-2481",
"url": "https://issues.redhat.com/browse/LOG-2481"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_2217.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7",
"tracking": {
"current_release_date": "2024-11-06T00:52:32+00:00",
"generator": {
"date": "2024-11-06T00:52:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2022:2217",
"initial_release_date": "2022-05-11T20:33:12+00:00",
"revision_history": [
{
"date": "2022-05-11T20:33:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-11T20:33:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T00:52:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.7-20"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.7-20"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-11T20:33:12+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-11T20:33:12+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-43797",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031958"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: control chars in header names may lead to HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43797"
},
{
"category": "external",
"summary": "RHBZ#2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
"url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-11T20:33:12+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: control chars in header names may lead to HTTP request smuggling"
},
{
"acknowledgments": [
{
"names": [
"Beni Paskin Cherniavsky"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-0759",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2058404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubeclient, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubeclient: kubeconfig parsing error can lead to MITM attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0759"
},
{
"category": "external",
"summary": "RHBZ#2058404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0759"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0759",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0759"
}
],
"release_date": "2022-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-11T20:33:12+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubeclient: kubeconfig parsing error can lead to MITM attacks"
},
{
"cve": "CVE-2022-21698",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2045880"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream\u0027s (the Prometheus project) impact rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21698"
},
{
"category": "external",
"summary": "RHBZ#2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698"
},
{
"category": "external",
"summary": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p",
"url": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p"
}
],
"release_date": "2022-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-11T20:33:12+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.